Page 16 - GCN, Feb/Mar 2018
P. 16

                                                         ADAPTIVE RESPONSE
Adaptive response:
 Cyberthreats’ new nemesis
Why an automated, analytics-driven approach is critical to protecting government systems against today’s adversaries
Kevin Davis
Vice President for Public Sector, Splunk
easily adapt within their ecosystem. That approach not only promotes consistency and ease, but also lowers costs, improves e ciencies and enhances overall security posture.
It is time for agencies to rethink cybersecurity and move from a reactive to a more proactive and adaptive approach. They can start by updating their requests for proposals to better address the modern threat landscape. By mandating adaptive response solutions during the procurement process, agencies will ensure that the vendor community is adhering to best practices and standards-based approaches.
GOVERNMENT IT ENVIRONMENTS are increasingly mobile, virtualized
and cloud-based. That complexity
is expanding the attack surface and creating new cybersecurity risks as agencies accelerate their move toward modernization.
Basic cyber hygiene (or compliance) helps ensure a consistent security posture so that agencies can better identify and manage the risks to systems and missions. The National Institute of Standards and Technology’s Cybersecurity Framework outlines  ve steps to respond to threats and ensure network resilience: Identify, protect, detect, respond and recover.
Gaining continuous, real-time visibility into IT operations across the enterprise is essential for taking full advantage of the framework and achieving the desired level of security. And it is a critical building block for responding to today’s changing threat landscape, which requires a more dynamic approach.
Adaptive response helps agencies become more nimble so that they can respond to evolving threats whenever and wherever they occur and promote a consistent security posture. It helps agencies extend their investments in the heterogeneous tools they already have, provides a defensive strategy for multi-layered security architectures
and allows agencies to automate the entire security process from identifying the threat to taking fast, appropriate action.
Speeding the time to action
Data analytics is at the core of an adaptive response strategy. In combination with
increased automation and machine learning algorithms, data analytics improves  delity so analysts need to focus only on the critical alerts and reduces analyst fatigue because the manual tedium is eliminated.
Speeding the time to action is critical, and the more that agencies can automate the process, the faster they can eliminate or minimize the impact of a threat. With adaptive response, when agencies address a gap to remediate a threat, they can also do it in other places proactively.
Those improvements are only possible if government agencies are procuring solutions that are more open so they can
                                     davooda/Shutterstock/GCN Staff

   14   15   16   17   18